Automatically generated suggestions

Create Draft to queue a suggestion for refinement.

Dismiss to remove a suggestion from the queue.

CVE-2023-39176
5.8 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 month, 2 weeks ago
Kernel: ksmbd: transform header out-of-bounds read information disclosure vulnerability

A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE.

kernel
*
kernel-rt

pkgs.linux-doc

Linux kernel html documentation

pkgs.coq-kernel

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.kernelshark

GUI for trace-cmd which is an interface for the Linux kernel ftrace subsystem

pkgs.linuxPackages.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.kernel-hardening-checker

Tool for checking the security hardening options of the Linux kernel

pkgs.linuxPackages.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_lqx.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_zen.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.kernels

Load compute kernels from the Huggingface Hub

pkgs.python313Packages.kernels

Load compute kernels from the Huggingface Hub

pkgs.linuxPackages.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages-libre.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages-libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.ipykernel

IPython Kernel for Jupyter

pkgs.python313Packages.ipykernel

IPython Kernel for Jupyter

pkgs.linuxPackages_latest.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_lqx.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_xanmod.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_zen.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.python312Packages.metakernel

Jupyter/IPython Kernel Tools

pkgs.python312Packages.nix-kernel

Simple jupyter kernel for nix-repl

pkgs.python313Packages.metakernel

Jupyter/IPython Kernel Tools

pkgs.python313Packages.nix-kernel

Simple jupyter kernel for nix-repl

pkgs.python312Packages.bash-kernel

Bash Kernel for Jupyter

pkgs.python313Packages.bash-kernel

Bash Kernel for Jupyter

pkgs.haskellPackages.ipython-kernel

A library for creating kernels for IPython frontends

pkgs.linuxPackages-libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_lqx.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_zen.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.rocmPackages.composable_kernel

Performance portable programming model for machine learning tensor operators

pkgs.linuxPackages_latest.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_xanmod.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.gnomeExtensions.kernel-indicator

Display the kernel version in the top bar

pkgs.linuxPackages-libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.ansible-kernel

Ansible kernel for Jupyter

pkgs.python312Packages.spyder-kernels

Jupyter kernels for Spyder's console

pkgs.python313Packages.ansible-kernel

Ansible kernel for Jupyter

pkgs.python313Packages.spyder-kernels

Jupyter kernels for Spyder's console

pkgs.rocmPackages_6.composable_kernel

Performance portable programming model for machine learning tensor operators

pkgs.linuxPackages_latest.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_latest-libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.jupyter-c-kernel

Minimalistic C kernel for Jupyter

pkgs.python313Packages.jupyter-c-kernel

Minimalistic C kernel for Jupyter

pkgs.linuxPackages_xanmod_stable.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_latest-libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_4.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_4.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_1.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_1.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_6.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_6.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_lqx.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_zen.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod_stable.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_10.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_10.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_15.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_15.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_16.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_latest-libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_libre.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod_stable.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.home-assistant-component-tests.hardkernel

Open source home automation that puts local control and privacy first

pkgs.linuxKernel.packages.linux_5_4.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_1.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_6.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_lqx.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_xanmod.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_zen.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_10.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_15.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_12.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_16.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_4.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_1.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_6.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_lqx.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_zen.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_10.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_15.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_16.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_xanmod.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_latest_libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod_stable.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_latest_libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_12_hardened.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_xanmod_stable.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_latest_libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod_stable.zfs_unstable

ZFS Filesystem Linux Kernel Module
Package maintainers: 19
CVE-2023-39179
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 1 month, 2 weeks ago
Kernel: ksmbd: read request out-of-bounds read information disclosure vulnerability

A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE.

kernel
*
kernel-rt

pkgs.linux-doc

Linux kernel html documentation

pkgs.coq-kernel

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.kernelshark

GUI for trace-cmd which is an interface for the Linux kernel ftrace subsystem

pkgs.linuxPackages.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.kernel-hardening-checker

Tool for checking the security hardening options of the Linux kernel

pkgs.linuxPackages.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_lqx.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_zen.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.kernels

Load compute kernels from the Huggingface Hub

pkgs.python313Packages.kernels

Load compute kernels from the Huggingface Hub

pkgs.linuxPackages.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages-libre.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages-libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.ipykernel

IPython Kernel for Jupyter

pkgs.python313Packages.ipykernel

IPython Kernel for Jupyter

pkgs.linuxPackages_latest.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_lqx.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_xanmod.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_zen.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.python312Packages.metakernel

Jupyter/IPython Kernel Tools

pkgs.python312Packages.nix-kernel

Simple jupyter kernel for nix-repl

pkgs.python313Packages.metakernel

Jupyter/IPython Kernel Tools

pkgs.python313Packages.nix-kernel

Simple jupyter kernel for nix-repl

pkgs.python312Packages.bash-kernel

Bash Kernel for Jupyter

pkgs.python313Packages.bash-kernel

Bash Kernel for Jupyter

pkgs.haskellPackages.ipython-kernel

A library for creating kernels for IPython frontends

pkgs.linuxPackages-libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_lqx.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_zen.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.rocmPackages.composable_kernel

Performance portable programming model for machine learning tensor operators

pkgs.linuxPackages_latest.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxPackages_xanmod.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.gnomeExtensions.kernel-indicator

Display the kernel version in the top bar

pkgs.linuxPackages-libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.ansible-kernel

Ansible kernel for Jupyter

pkgs.python312Packages.spyder-kernels

Jupyter kernels for Spyder's console

pkgs.python313Packages.ansible-kernel

Ansible kernel for Jupyter

pkgs.python313Packages.spyder-kernels

Jupyter kernels for Spyder's console

pkgs.rocmPackages_6.composable_kernel

Performance portable programming model for machine learning tensor operators

pkgs.linuxPackages_latest.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_latest-libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.python312Packages.jupyter-c-kernel

Minimalistic C kernel for Jupyter

pkgs.python313Packages.jupyter-c-kernel

Minimalistic C kernel for Jupyter

pkgs.linuxPackages_xanmod_stable.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_latest-libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_4.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_4.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_1.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_1.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_6.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_6.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_lqx.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_zen.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod_stable.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_10.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_10.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_15.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_15.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_16.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_latest-libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_libre.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxPackages_xanmod_stable.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.home-assistant-component-tests.hardkernel

Open source home automation that puts local control and privacy first

pkgs.linuxKernel.packages.linux_5_4.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_1.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_6.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_lqx.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_xanmod.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_zen.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_10.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_15.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_12.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_16.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_5_4.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_1.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_6.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_lqx.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_zen.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_10.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_5_15.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_16.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_xanmod.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_latest_libre.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_2_2

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_hardened.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod_stable.zfs_2_3

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_latest_libre.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_6_12_hardened.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_xanmod_stable.linux-gpib

Support package for GPIB (IEEE 488) hardware

pkgs.linuxKernel.packages.linux_latest_libre.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_unstable

ZFS Filesystem Linux Kernel Module

pkgs.linuxKernel.packages.linux_xanmod_stable.zfs_unstable

ZFS Filesystem Linux Kernel Module
Package maintainers: 19
CVE-2023-6110
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 1 month, 2 weeks ago
Openstack: deleting a non existing access rule deletes another existing access rule in it's scope

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.

openstack-keystone
python-openstackclient
*

pkgs.openstackclient

OpenStack Command-line Client

pkgs.openstackclient-full

OpenStack Command-line Client

pkgs.python312Packages.python-openstackclient

OpenStack Command-line Client

pkgs.python313Packages.python-openstackclient

OpenStack Command-line Client
Package maintainers: 3
CVE-2020-25720
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 2 weeks ago
Samba: check attribute access rights for ldap adds of computers

A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks.

rhcos
samba
<4.17.8
samba4

pkgs.samba4

Standard Windows interoperability suite of programs for Linux and Unix

pkgs.sambamba

SAM/BAM processing tool

pkgs.sambaFull

Standard Windows interoperability suite of programs for Linux and Unix

pkgs.samba4Full

Standard Windows interoperability suite of programs for Linux and Unix
Package maintainers: 2
CVE-2024-0793
7.7 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 month, 2 weeks ago
Kube-controller-manager: malformed hpa v1 manifest causes crash

A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.

openshift
*
microshift
coredns-container
ose-etcd-container
ose-node-container
ose-tools-container
telemeter-container
kube-proxy-container
multus-cni-container
ose-thanos-container
csi-attacher-container
oauth-server-container
kube-controller-manager
<1.27
ose-installer-container
csi-driver-nfs-container
driver-toolkit-container
ose-hypershift-container
ose-olm-rukpak-container
csi-provisioner-container
kube-rbac-proxy-container
ose-cluster-api-container
ose-must-gather-container
configmap-reload-container
oc-mirror-plugin-container
csi-driver-manila-container
csi-livenessprobe-container
operator-registry-container
ose-cli-artifacts-container
ose-network-tools-container
kube-state-metrics-container
ose-ovn-kubernetes-container
ose-oauth-apiserver-container
prometheus-operator-container
marketplace-operator-container
ose-ovirt-csi-driver-container
cluster-etcd-operator-container
ose-cluster-bootstrap-container
ose-egress-router-cni-container
ose-gcp-pd-csi-driver-container
ose-insights-operator-container
ose-machine-os-images-container
vmware-vsphere-syncer-container
ose-aws-ebs-csi-driver-container
ose-baremetal-operator-container
ose-prometheus-adapter-container
ironic-rhcos-downloader-container
openshift-state-metrics-container
ose-baremetal-installer-container
ose-cluster-update-keys-container
ose-installer-artifacts-container
ose-kubevirt-csi-driver-container
ose-openshift-apiserver-container
ose-service-ca-operator-container
cluster-network-operator-container
cluster-version-operator-container
openshift-enterprise-cli-container
openshift-enterprise-pod-container
ose-baremetal-runtimecfg-container
ose-cluster-dns-operator-container
ose-csi-external-resizer-container
ose-machine-api-operator-container
ose-multus-networkpolicy-container
csi-node-driver-registrar-container
ose-azure-disk-csi-driver-container
ose-azure-file-csi-driver-container
ose-cluster-capi-operator-container
ovn-kubernetes-microshift-container
csi-driver-manila-operator-container
ibm-vpc-node-label-updater-container
openshift-enterprise-tests-container
operator-lifecycle-manager-container
ose-network-metrics-daemon-container
prometheus-config-reloader-container
cluster-monitoring-operator-container
ose-apiserver-network-proxy-container
ose-cluster-config-operator-container
ose-csi-snapshot-controller-container
ose-machine-config-operator-container
baremetal-machine-controller-container
cluster-node-tuning-operator-container
openshift-enterprise-console-container
ose-alibaba-cloud-csi-driver-container
ose-aws-pod-identity-webhook-container
ose-azure-cloud-node-manager-container
ose-cluster-ingress-operator-container
ose-cluster-machine-approver-container
ose-cluster-storage-operator-container
ose-csi-external-snapshotter-container
ose-ibm-vpc-block-csi-driver-container
ose-machine-api-provider-aws-container
ose-machine-api-provider-gcp-container
ose-powervs-block-csi-driver-container
ose-route-controller-manager-container
ose-vsphere-problem-detector-container
openshift-enterprise-deployer-container
openshift-enterprise-registry-container
ose-cloud-credential-operator-container
ose-cluster-policy-controller-container
ose-ovirt-machine-controllers-container
ose-vmware-vsphere-csi-driver-container
openshift-enterprise-hyperkube-container
ose-agent-installer-api-server-container
ose-agent-installer-node-agent-container
ose-cluster-baremetal-operator-container
ose-cluster-ovirt-csi-operator-container
ose-csi-driver-shared-resource-container
ose-gcp-pd-csi-driver-operator-container
ose-machine-api-provider-azure-container
ose-network-interface-bond-cni-container
ose-alibaba-machine-controllers-container
ose-aws-cluster-api-controllers-container
ose-aws-ebs-csi-driver-operator-container
ose-cluster-autoscaler-operator-container
ose-containernetworking-plugins-container
ose-gcp-cluster-api-controllers-container
ose-libvirt-machine-controllers-container
ose-multus-admission-controller-container
ose-nutanix-machine-controllers-container
ose-openstack-cinder-csi-driver-container
ose-powervs-machine-controllers-container
ose-agent-installer-csr-approver-container
ose-agent-installer-orchestrator-container
ose-aws-cloud-controller-manager-container
ose-gcp-cloud-controller-manager-container
ose-ibm-cloud-controller-manager-container
ose-ibmcloud-machine-controllers-container
ose-openshift-controller-manager-container
ose-azure-cluster-api-controllers-container
ose-kube-storage-version-migrator-container
ose-azure-cloud-controller-manager-container
ose-azure-disk-csi-driver-operator-container
ose-azure-file-csi-driver-operator-container
ose-image-customization-controller-container
ose-machine-api-provider-openstack-container
openshift-enterprise-haproxy-router-container
ose-cloud-network-config-controller-container
ose-cluster-authentication-operator-container
ose-cluster-image-registry-operator-container
ose-cluster-kube-apiserver-operator-container
ose-cluster-kube-scheduler-operator-container
ose-csi-snapshot-validation-webhook-container
ose-vsphere-cluster-api-controllers-container
ose-alibaba-cloud-controller-manager-container
ose-alibaba-disk-csi-driver-operator-container
ose-ibmcloud-cluster-api-controllers-container
ose-nutanix-cloud-controller-manager-container
ose-powervs-cloud-controller-manager-container
ose-vsphere-cloud-controller-manager-container
openshift-enterprise-console-operator-container
ose-cluster-kube-cluster-api-operator-container
ose-ibm-vpc-block-csi-driver-operator-container
ose-kubevirt-cloud-controller-manager-container
ose-powervs-block-csi-driver-operator-container
prometheus-operator-admission-webhook-container
ose-cluster-platform-operators-manager-container
ose-csi-driver-shared-resource-webhook-container
ose-openstack-cloud-controller-manager-container
ose-vmware-vsphere-csi-driver-operator-container
ose-csi-driver-shared-resource-operator-container
ose-cluster-openshift-apiserver-operator-container
ose-openstack-cinder-csi-driver-operator-container
openshift-enterprise-keepalived-ipfailover-container
ose-cluster-csi-snapshot-controller-operator-container
ose-cluster-kube-controller-manager-operator-container
ose-cluster-cloud-controller-manager-operator-container
ose-cluster-control-plane-machine-set-operator-container
ose-cluster-openshift-controller-manager-operator-container
ose-cluster-kube-storage-version-migrator-operator-container

pkgs.openshift

Build, deploy, and manage your applications with Docker and Kubernetes

pkgs.python312Packages.openshift

Python client for the OpenShift API

pkgs.python313Packages.openshift

Python client for the OpenShift API

pkgs.python312Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

pkgs.python313Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python
Package maintainers: 4
CVE-2023-0657
3.4 LOW
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 month, 2 weeks ago
Keycloak: impersonation via logout token exchange

A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.

keycloak
<22.0.10
<24.0.3
rhbk/keycloak-rhel9
*
rhbk/keycloak-rhel9-operator
*
rhbk/keycloak-operator-bundle
*

pkgs.keycloak

Identity and access management for modern applications and services

pkgs.terraform-providers.keycloak

pkgs.python312Packages.python-keycloak

Provides access to the Keycloak API

pkgs.python313Packages.python-keycloak

Provides access to the Keycloak API
Package maintainers: 4
CVE-2023-1419
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 month, 2 weeks ago
Debezium: script injection via connector parameter

A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data.

mysql-connector-java

pkgs.mysql_jdbc

MySQL Connector/J
CVE-2023-43091
9.8 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 2 weeks ago
Gnome-maps: gnome maps is vulnerable to a code injection attack (similar to xss) via its service.json

A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary code.

gnome-maps
=<45.beta

pkgs.gnome-maps

Map application for GNOME 3
Package maintainers: 4
CVE-2024-52416
10.0 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 2 weeks ago
WordPress Debug Tool plugin <= 2.2 - Remote Code Execution vulnerability

Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Upload a Web Shell to a Web Server.This issue affects Debug Tool: from n/a through 2.2.

debug-tool
=<2.2

pkgs.python312Packages.django-debug-toolbar

Configurable set of panels that display debug information about the current request/response

pkgs.python313Packages.django-debug-toolbar

Configurable set of panels that display debug information about the current request/response

pkgs.python312Packages.django-graphiql-debug-toolbar

Django Debug Toolbar for GraphiQL IDE

pkgs.python313Packages.django-graphiql-debug-toolbar

Django Debug Toolbar for GraphiQL IDE
Package maintainers: 2
CVE-2024-52412
9.8 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 2 weeks ago
WordPress Xin theme <= 1.0.8.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection.This issue affects Xin: from n/a through 1.0.8.1.

xin
=<1.0.8.1

pkgs.zxing

1D and 2D code reading library

pkgs.xinetd

Secure replacement for inetd

pkgs.texinfo6

GNU documentation system

pkgs.texinfo7

GNU documentation system

pkgs.voxinput

Voice to text for any Linux app via dotool/uinput and the LocalAI/OpenAI transcription API

pkgs.zxing-cpp

C++ port of zxing (a Java barcode image processing library)

pkgs.tmuxinator

Manage complex tmux sessions easily

pkgs.xorg.xinput

pkgs.quodlibet-xine

GTK-based audio player written in Python, using the Mutagen tagging library

pkgs.libsForQt5.qzxing

Qt/QML wrapper library for the ZXing library

pkgs.xinput_calibrator

Generic touchscreen calibration program for X.Org

pkgs.kdePackages.qzxing

Qt/QML wrapper library for the ZXing library

pkgs.qt6Packages.qzxing

Qt/QML wrapper library for the ZXing library

pkgs.texinfoInteractive

GNU documentation system

pkgs.quodlibet-xine-full

GTK-based audio player written in Python, using the Mutagen tagging library

pkgs.kdePackages.zxing-cpp

C++ port of zxing (a Java barcode image processing library)

pkgs.haskellPackages.exinst

Dependent pairs and their instances

pkgs.plasma5Packages.qzxing

Qt/QML wrapper library for the ZXing library

pkgs.perlPackages.LatexIndent

Perl script to add indentation to LaTeX files

pkgs.python312Packages.mixins

Mixin classes which may be added to your own classes to add certain functionality to them

pkgs.python313Packages.mixins

Mixin classes which may be added to your own classes to add certain functionality to them

pkgs.vdrPlugins.xineliboutput

Xine-lib based software output device for VDR

pkgs.haskellPackages.x11-xinput

Haskell FFI bindings for X11 XInput library (-lXi)

pkgs.perlPackages.MixinLinewise

Write your linewise code for handles; this does the rest

pkgs.haskellPackages.exinst-base

@exinst@ support for @base@ package

pkgs.perl538Packages.LatexIndent

Perl script to add indentation to LaTeX files

pkgs.perl540Packages.LatexIndent

Perl script to add indentation to LaTeX files

pkgs.python312Packages.zxing-cpp

C++ port of zxing (a Java barcode image processing library)

pkgs.python313Packages.zxing-cpp

C++ port of zxing (a Java barcode image processing library)

pkgs.haskellPackages.exinst-aeson

@exinst@ support for @aeson@ package

pkgs.haskellPackages.exinst-bytes

@exinst@ support for @bytes@ package

pkgs.pythonDocs.texinfo.python310

pkgs.haskellPackages.exinst-cereal

@exinst@ support for @cereal@ package

pkgs.perl538Packages.MixinLinewise

Write your linewise code for handles; this does the rest

pkgs.perl540Packages.MixinLinewise

Write your linewise code for handles; this does the rest

pkgs.haskellPackages.gogol-indexing

Google Web Search Indexing SDK

pkgs.haskellPackages.xinput-conduit

Conduit of keys pressed by xinput

pkgs.python312Packages.colcon-mixin

Extension for colcon-core to provide mixin functionality

pkgs.python313Packages.colcon-mixin

Extension for colcon-core to provide mixin functionality

pkgs.haskellPackages.unboxing-vector

A newtype-friendly variant of unboxed vectors

pkgs.haskellPackages.exinst-serialise

Dependent pairs and their instances

pkgs.haskellPackages.bytestring-lexing

Efficiently parse and produce common integral and fractional numbers

pkgs.python312Packages.sqlalchemy-mixins

Python mixins for SQLAlchemy ORM

pkgs.python313Packages.sqlalchemy-mixins

Python mixins for SQLAlchemy ORM
Package maintainers: 16